After almost 6 yrs of experience in different domains, I have now landed in Information security field. Where my work is nothing but maintain some documents and copy-pasting some articals from new paper and sending them to other colleagues. I thought , it would be better to know more about Info Security field and make future in this as it sounds interesting to me. I have started it last year already 27 yrs old. I bought few books and used google for it and learned basic of C, Ruby and Python. Which I almost forgotten after 3-4 months. I have tried all possible ways to get more knowdege like reading security+, network +, basic ethical hacking books..Joining a onlline hacking course but all in vain as without practical it will not lead anywhr and theortical part will drained away from mind after somtime.finaly I m here... My question are

I decided to go for EC council CEH exam..going to take one more online course as I dont have any practical knwldge.. i thnk it migt help..could someone please let me know if there is any other certificate which has same or better value than this and reasonable to giv a try.

Sould I still concentrate on programing as I think without practical it is no use...How to get a job in this field which keep me busy a bit in technical issue so i can learn and apply the techniques which i am using in net.

Is there any online Skype, gtalk comunity who worked together on inforamtion security projects and ready to help new comers.. I m in Germny..

ajohson is correct Offensive Security and eLearn Security are both great places Hacking Dojo also has an online hacking lab environment. I just took the class from InfoSec institute for the Ethical Hacking it gives you CPT and C|EH I passed the C|EH and am currently finishing the pratical for the CPT. If you can afford to take a call online that's not a bad one at all. Other wise keep reading and welcome!

Once you've created a network, create a flaw in it, and then exploit that flaw to gain your goal. Document the entire process so you can refer back to it repeatedly.

I personally prefer creating vulnerable networks that are vulnerable due to misconfiguration rather than software with holes in them. Holes get patched, but misconfiguration almost never gets changed until someone points it out.

Theres nothing like knowing exactly how a flaw is created to understand (and remember) how to exploit it.

n37sh@rk wrote:Hacking Dojo also has an online hacking lab environment.

Yes, we have an online lab for students, but check out the "Media Page" on the HackingDojo.com site as well for information and targets to set up the virtual hacking lab, if you're unfamiliar with this concept:

There are some of my conference talks on that page as well, but look for the one titled "Penetration Test LiveCDs – DefCon 15" for a more in-depth discussion of LiveCDs used for pentesting labs. There is a free video on setting up a lab here:

Thanks a lot for prompt replies..Could you guys please provide you suggestion on below points..

should I continue with Programing lang or concentrate on hacking tools and other hacking things more?Would it be correct for a person who does nt have any networking or IT background to start with CEH .. I think i can pass that exam after few months of preparation?

Or will it help me out to get entry level job in pen test or hacking field?

You can get a job in the pentesting field with no pentesting experience, but harder to do without IT or networking - not impossible.Be aware that the CEH will get you past the HR filters when applying for a job, but means almost nothing to a hiring manager who is more interested in your ability to use a methodology, your knowledge of protocols and how to exploit them, and your fu with the different tools. That said, get your CEH but spend most of your time learning how to pentest, not just how to use the tools.

Some good advice from the others. I have taken courses from eLearnSecurity, Offensive Security, Hacking Dojo (before it was called Hacking Dojo), and a CEH course. I learned the least from the CEH course. The CEH course taught me how to use individual tools, but not putting it together using a methodology. These other courses go beyond just teaching you the tools. I would recommend starting with eLearnSecurity or Hacking Dojo and Offensive Security after you have a better understanding of pentesting.

Hi , take some time and watch this webinar from elearnsecurity by Armando .http://www.elearnsecurity.com/collatera ... beginners/..It will answer all your question in you head, its almost 1 hour . i download it convert it to mp3 so i listen it like 3 or 4 times then i decide what i want be in " info sec" .